Streaming Steam games from Amazon EC2 to Steam Link over OpenVPN tunnel featuring pfSense and VMware

Oh, have I longed to write this blog post! Ever since I bought a Steam Link for myself as a Christmas gift I’ve been wanting to make use of it. I’m the kind of person who sometimes (a bit too often) buys stuff first and motivates the purchase later (sometimes with a bit too much infrastructure).

Back in February I gave it a try but never got it to work: I wasn’t able to ping my local machines from my EC2 machine over my OpenVPN tunnel. This confused me a lot and I left it for a while. I tried again last week and got it to work. The magic was that, since I’m running my pfSense instance in VMware, I had to set my network card to promiscuous mode (yes, it’s called that, and it basically means that it sends packets everywhere).

After the network card was in promiscuous mode everything just worked out. I downloaded a couple of games, and when I started a Steam client on my local network it just said that I could start streaming from the Windows machine I had in EC2.

In the blog post above the connection is made from your local machine to EC2, but I’m doing it in the other direction, so I’m going to explain that in more detail here. Also, since the premade EC2 Gaming AMI is a couple of years old, I had to update Windows, Steam and Nvidia drivers, but I’ll go through that too.

EC2

These are the steps needed to get the machine up and running in EC2; refer back to the original blog post for details.

Launch the ec2gaming machine in EC2 as a g2.2xlarge spot instance; this is documented in the blog post already. I create a Security Group with full access for my public IP address; you can of course be more restrictive by only allowing RDP.

Uninstall OpenVPN (from the Start menu) and download a newer version from here. Don’t install the OpenVPN Service; it’s not needed.

Now is the time to take a snapshot of the machine, since a spot instance is always terminated when you turn it off. You can do this manually from the AWS Console or using the gaming-down.sh script as described on the blog. If using the scripts in the future, it’s a good idea to create an IAM user with limited access, since the credentials are in clear text in the script.

I’ve created a pretty narrow policy for the IAM user that runs gaming-up.sh and gaming-down.sh
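
Back to the Security Group step: an added example (not code from the original post or the ec2gaming project) that checks a group's inbound rules against the "RDP only, from my address" setup mentioned above. It assumes the rules are in the IpPermissions shape returned by aws ec2 describe-security-groups; the function name, the sample rules and the 203.0.113.10 address are constructed for illustration.

```python
import ipaddress

RDP = ("tcp", 3389)  # the only inbound service the post says is required

def audit_ingress(ip_permissions, my_ip, allowed=(RDP,)):
    """Return findings for one security group's IpPermissions list."""
    me = ipaddress.ip_address(my_ip)
    findings = []
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        if proto == "-1":  # "-1" means every protocol and port
            service, ok_service = "all protocols and ports", False
        else:
            service = f"{proto}/{lo}" if lo == hi else f"{proto}/{lo}-{hi}"
            ok_service = lo == hi and (proto, lo) in allowed
        sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in sources:
            net = ipaddress.ip_network(cidr, strict=False)
            if net.num_addresses != 1:
                findings.append(f"{service} open to a range: {cidr}")
            elif net.network_address != me:
                findings.append(f"{service} open to unexpected host: {cidr}")
            if not ok_service:
                findings.append(f"{service} from {cidr} is broader than RDP only")
    return findings

# Constructed sample data; 203.0.113.0/24 is a documentation range.
MY_IP = "203.0.113.10"
FULL_ACCESS = [{"IpProtocol": "-1",
                "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]
RDP_ONLY = [{"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
             "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]
RDP_FROM_ANYWHERE = [{"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
                      "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]

if __name__ == "__main__":
    for name, rules in (("full access", FULL_ACCESS),
                        ("RDP only", RDP_ONLY),
                        ("RDP from anywhere", RDP_FROM_ANYWHERE)):
        print(name, "->", audit_ingress(rules, MY_IP) or "ok")
```

Since the EC2 machine dials out to the OpenVPN server at home, RDP is the only inbound service this check expects; pass a different allowed tuple if your setup needs more.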

pfSense

I’m using pfSense at home instead of a normal router. It runs in VMware ESXi (5.1 at the moment, but an upgrade is coming) and works like a charm. I will not go into details about pfSense, since I assume that if you’re reading this you are kind of a geek anyway. Follow the steps below to set up an OpenVPN server in pfSense that your EC2 machine can connect to.

Create the OpenVPN server according to these settings; instead of using screenshots I printed my configuration page as a PDF. Most of it is standard and it’s all described in the blog post about the stretched LAN.

Go to Interfaces / Interface Assignments and assign the aws-lan-bridged network port as OPT1, or whatever name you like.

The firewall will probably have created some rules for your OpenVPN server, so you might not have to create the ones for the inbound traffic (WAN port 1194), but create the other rules as described in the blog post.

Create the Bridge as described (it should consist of LAN and OPT1).

That’s what you need on the pfSense side of things, but if you’re like me and use VMware as a hypervisor you will need to do one more thing, as I found here after serious Googling about why I couldn’t reach my internal network from EC2.

Log in to your ESXi and, from the command line, issue a command kind of like this:

Create a file called client.ovpn, and on your Windows Server right-click on the OpenVPN GUI taskbar icon and choose Import file…

Right-click the OpenVPN GUI icon again and you should have a menu option client and under that connect. Choose connect and you should be connected to your LAN.

Steam

We left the fun stuff for last: open Steam, log in with your credentials and make sure it’s configured for streaming; this is described in the first blog link. On your local network your other Steam client(s) should pick up that there’s a new device available for streaming.

Boot up your Steam Link and enjoy gaming!

Beware of shutting down the streaming server from Steam Link; this will terminate the instance since it’s a Spot Instance.